for ($k = 0; $k < count($list[$i]['url']); $k++) { mysql_query('INSERT INTO tc_tieba(username,fid,url) VALUES("' . $_SESSION['u'] . '","' . $list[$i]['balvid'][$k] . '","' . $list[$i]['url'][$k] . '")'); } } echo '<p>account bind success!</p><script type="text/javascript"> setTimeout(window.location.href="../index.php",3000); </script>'; } } } } else { if (isset($_POST['manual_bind'])) { $bp = new baidu_passport($_POST['user_cookie']); $result = $bp->get_passport_info(); $con = mysql_connect(DB_IP, DB_USERNAME, DB_PASSWORD); if (!$con) { error_tpl('数据库连接错误', '未能成功连接数据库,请检查config.inc.php文件是否存在', '../index.php'); } else { if (mysql_select_db(DB_NAME)) { $list = get_list($_POST['user_cookie']); mysql_query('set names utf8'); mysql_query('UPDATE tc_baiduinfo SET baidu_id="' . $result['baiduid'] . '", avastar="' . $result['avatar'] . '" WHERE tc_id="' . $_SESSION['u'] . '"'); mysql_query('UPDATE tc_user SET cookie= "' . base64_encode($_POST['user_cookie']) . '" WHERE username="******"'); for ($i = 0; $i < count($list); $i++) { for ($k = 0; $k < count($list[$i]['url']); $k++) { mysql_query('INSERT INTO tc_tieba(username,fid,url) VALUES("' . $_SESSION['u'] . '","' . $list[$i]['balvid'][$k] . '","' . $list[$i]['url'][$k] . '")'); } } echo '<p>account bind success!</p><script type="text/javascript"> setTimeout(window.location.href="../index.php",3000); </script>'; } }
echo '<p>注册成功!</p><script type="text/javascript"> setTimeout(window.location.href="../login.php",3000); </script>'; } } else { die("select database name error,check your config.inc.php."); } } } } else { if (isset($_POST['log'])) { $con = mysql_connect(DB_IP, DB_USERNAME, DB_PASSWORD); if (!$con) { error_tpl('数据库连接错误', '未能正确连接数据库,请检查config.inc.php文件是否存在.', '../index.php'); } else { if (mysql_select_db(DB_NAME)) { $ret = mysql_query('SELECT * FROM tc_user WHERE username ="******"AND password ="******"'); if ($res = mysql_fetch_array($ret)) { session_start(); $_SESSION["u"] = $_POST['log_username']; header('Location:../index.php'); } else { error_tpl('登录错误', '你输入的用户名或者密码错误 :(', '../login.php'); } } else { error_tpl('数据库选择错误', '未能正确选择数据库,请检查config.inc.php文件是否存在或者数据库是否存在.', '../index.php'); } } } else { header('Location:../login.php'); } }
mysql_query('INSERT INTO tc_user(uid,username,password) VALUES( 0 ,"' . $_POST['admin_name'] . '","' . md5($_POST['admin_password']) . '")'); mysql_query('INSERT INTO tc_baiduinfo(tc_id) VALUES("' . $_POST['admin_name'] . '")'); mysql_query('INSERT INTO tc_tmp(count) VALUES(0)'); mysql_query('INSERT INTO tc_conf(setting) VALUES("1.5")'); echo '<p>install succeed,enjoy!</p> <script type="text/javascript"> setTimeout(window.location.href="../login.php",3000); </script>'; } else { //if the database not exist,create the database and then create table; mysql_query('CREATE DATABASE ' . $_POST['db_name'] . ' default charset utf8'); if (mysql_select_db($_POST['db_name'])) { mysql_query('CREATE TABLE tc_tmp(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,count int )'); mysql_query('CREATE TABLE tc_user(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,username varchar(15),password varchar(50),cookie varchar(300))'); mysql_query('CREATE TABLE tc_baiduinfo(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,tc_id varchar(15),baidu_id varchar(15),avastar varchar(200))'); mysql_query('CREATE TABLE tc_tieba(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,username varchar(15),fid varchar(15),url varchar(190))'); mysql_query('CREATE TABLE tc_conf(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,setting varchar(15))'); mysql_query('set names utf8'); mysql_query('INSERT INTO tc_user(uid,username,password) VALUES( 0 ,"' . $_POST['admin_name'] . '","' . md5($_POST['admin_password']) . '")'); mysql_query('INSERT INTO tc_baiduinfo(tc_id) VALUES("' . $_POST['admin_name'] . '")'); mysql_query('INSERT INTO tc_tmp(count) VALUES(0)'); mysql_query('INSERT INTO tc_conf(setting) VALUES("1.5")'); echo '<p>you have succeed to install TiebaCloud,enjoy!</p> <script type="text/javascript"> setTimeout(window.location.href="../login.php",3000); </script>'; } else { error_tpl('创建数据表出错', '未能创建数据表,请检查你是否拥有create权限或者安装配置是否填写正确', '../index.php'); } } }
if (mysqli_fetch_array($res) == '') { mysqli_query($con, 'INSERT INTO tc_tmp(count) VALUES(0)'); mysqli_close($con); echo '<p>关闭贴吧云注册成功</p><script type="text/javascript"> setTimeout(window.location.href="../admin.php",3000); </script>'; } else { mysqli_query($con, 'UPDATE tc_tmp SET count=0 WHERE uid=2'); mysqli_close($con); echo '<p>关闭贴吧云注册成功</p><script type="text/javascript"> setTimeout(window.location.href="../admin.php",3000); </script>'; } } } } else { if (isset($_POST['signon'])) { $con = mysqli_connect(DB_IP, DB_USERNAME, DB_PASSWORD); if (!$con) { error_tpl('数据库连接错误', '未能正确连接数据库,请检查config.inc.php文件是否存在.', '../index.php'); } else { if (mysqli_select_db($con, DB_NAME)) { mysqli_query($con, 'UPDATE tc_tmp SET count=1 WHERE uid=2'); mysqli_close($con); echo '<p>开启贴吧云注册成功</p><script type="text/javascript"> setTimeout(window.location.href="../admin.php",3000); </script>'; } } } } } else { error_tpl('访问错误', '禁止直接访问admin.php文件.', '../index.php'); }
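<?php
/**
 * Admin endpoint that deletes one TiebaCloud account.
 *
 * The username to delete is the first key of the POSTed form. Its rows are
 * removed from tc_baiduinfo, tc_user and tc_tieba.
 *
 * Security changes compared with the original listing:
 *  - the request must come from a session whose user is ADMIN_NAME; a bare
 *    non-empty POST is no longer sufficient to delete an account;
 *  - the username is bound as a statement parameter, never concatenated
 *    into the SQL text;
 *  - the removed mysql_* extension and each() are replaced by mysqli and key().
 *
 * NOTE(review): no anti-CSRF token is checked here. The form that posts to
 * this endpoint is outside this listing, so adding one needs a matching
 * change there.
 */
require 'config.inc.php';
require 'api.php';

// Start the session only if an included file has not already done so.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

$isAdmin = isset($_SESSION['u']) && (string) $_SESSION['u'] === (string) ADMIN_NAME;

if (empty($_POST) || !$isAdmin) {
    error_tpl('试图直接访问delete.php', '不允许直接访问,请登录管理面板以进行用户删除操作', '../index.php');
    return;
}

// PHP turns numeric-looking POST keys into integers. Casting to string keeps
// the strict comparison below from being skipped for a numeric admin name.
$n = (string) key($_POST);

if ($n === (string) ADMIN_NAME) {
    error_tpl('不允许删除管理员账户', '你没事删除自己干什么...', '../admin.php');
    return;
}

// Keep failures as return values so the checks below stay meaningful on PHP
// versions where mysqli throws exceptions by default.
mysqli_report(MYSQLI_REPORT_OFF);

$con = mysqli_connect(DB_IP, DB_USERNAME, DB_PASSWORD);
if (!$con) {
    error_tpl('数据库连接错误', '无法正常连接数据库以完成用户删除操作,请检查config.inc.php', '../index.php');
    return;
}

if (!mysqli_select_db($con, DB_NAME)) {
    mysqli_close($con);
    // The original fell through silently here; report it instead.
    error_tpl('数据库选择错误', '未能正确选择数据库,请检查config.inc.php文件是否存在或者数据库是否存在.', '../index.php');
    return;
}

// NOTE(review): the listing shows a masked literal ("******") in the tc_user
// and tc_tieba statements. Binding the selected username there is an
// assumption that mirrors the tc_baiduinfo delete; confirm against the
// original file.
$statements = array(
    'DELETE FROM tc_baiduinfo WHERE tc_id = ?',
    'DELETE FROM tc_user WHERE username = ?',
    'DELETE FROM tc_tieba WHERE username = ?',
);

$ok = true;
foreach ($statements as $sql) {
    $stmt = mysqli_prepare($con, $sql);
    if (!$stmt) {
        $ok = false;
        break;
    }
    mysqli_stmt_bind_param($stmt, 's', $n);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    if (!$ok) {
        break;
    }
}
mysqli_close($con);

if (!$ok) {
    // Do not report success when a delete did not run.
    error_tpl('删除用户失败', '数据库未能完成删除操作,请稍后重试', '../admin.php');
    return;
}

echo '<p>delete user success!</p><script type="text/javascript"> setTimeout(window.location.href="../admin.php",3000); </script>';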
header('location:./lib/bind.php?bindback=' . 'BDUSS=' . $result['data']['bduss']); break; case 5: $_SESSION['vcode_md5'] = $result['data']['vcode_md5']; $need_vcode = 1; break; default: header('location:./lib/bind.php?bindback=error'); break; } } $info = ''; if (isset($_SESSION['u'])) { $con = mysql_connect(DB_IP, DB_USERNAME, DB_PASSWORD); if (!$con) { error_tpl('连接数据库失败', '贴吧云获取用户百度信息时无法正确连接数据库,请检查config.inc.php文件', ''); } else { if (mysql_select_db(DB_NAME)) { if ($_SESSION['u'] == ADMIN_NAME) { $ver = get_version(); $s = mysql_fetch_array(mysql_query('SELECT setting FROM tc_conf WHERE uid=1')); $v = $s[0]; if (!($v == $ver)) { header('location:./lib/updater.php'); } } mysql_query('set names utf8'); $res = mysql_query('SELECT baidu_id,avastar FROM tc_baiduinfo WHERE tc_id="' . $_SESSION['u'] . '"'); if ($re = @mysql_fetch_array($res)) { if ($re['baidu_id'] == NULL) { $info = '
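<?php
/**
 * AJAX endpoint that reports which forums ("tieba") are being signed in
 * for the current user.
 *
 * POST field `data` selects the action; only `status` is handled. The
 * response is an HTML fragment: a count followed by one label per forum.
 *
 * Security changes compared with the original listing:
 *  - a logged-in session is required before any data is returned;
 *  - the username is bound as a statement parameter (mysqli) rather than
 *    placed in the SQL text;
 *  - forum names read from the database are HTML-escaped before output. They
 *    originate from remote data stored earlier and were echoed raw.
 */
session_start();

// Keep error details out of the HTTP response without discarding them
// altogether, as error_reporting(0) did.
ini_set('display_errors', '0');

require 'config.inc.php';
require 'api.php';

$action = isset($_POST['data']) ? $_POST['data'] : '';

switch ($action) {
    case 'status':
        if (!isset($_SESSION['u'])) {
            header('Location:../login.php');
            break;
        }

        // Keep failures as return values so the checks below stay meaningful
        // on PHP versions where mysqli throws exceptions by default.
        mysqli_report(MYSQLI_REPORT_OFF);

        $con = mysqli_connect(DB_IP, DB_USERNAME, DB_PASSWORD);
        if (!$con) {
            error_tpl('ajax查询时错误', 'ajax查询时无法连接数据库,请检查config.inc.php文件是否存在.', '../index.php');
            break;
        }

        if (!mysqli_select_db($con, DB_NAME)) {
            mysqli_close($con);
            // The original printed an empty summary here; report the failure.
            error_tpl('数据库选择错误', '未能正确选择数据库,请检查config.inc.php文件是否存在或者数据库是否存在.', '../index.php');
            break;
        }

        // Initialised up front so an empty result still renders cleanly. The
        // original appended to an undefined array element.
        $count = 0;
        $labels = '';

        // NOTE(review): the listing shows a masked literal ("******") as the
        // username. Binding the session user is an assumption based on the
        // per-user wording of the response; confirm against the original file.
        // The column is named explicitly instead of relying on position 3 of
        // SELECT *.
        $user = (string) $_SESSION['u'];
        $stmt = mysqli_prepare($con, 'SELECT url FROM tc_tieba WHERE username = ?');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 's', $user);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_bind_result($stmt, $url);
            while (mysqli_stmt_fetch($stmt)) {
                $count++;
                // Stored value is percent-encoded GB2312; decode, convert, then
                // escape for the HTML context it is printed into.
                $name = mb_convert_encoding(urldecode($url), "UTF-8", "GB2312");
                $labels .= '<span class="label label-danger">'
                    . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . '</span> ';
            }
            mysqli_stmt_close($stmt);
        }
        mysqli_close($con);

        echo '目前贴吧云为你的<span class="label label-primary">' . $count . '</span>个贴吧进行签到,详细情况如下:<br>' . $labels . '<br><br>';
        break;

    default:
        error_tpl('访问错误', '禁止非post方式直接访问operator.php文件', '../index.php');
        break;
}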